AWS Cloud Monitoring

MCP Server

• Command: uvx awslabs.cloudwatch-mcp-server@latest (stdio transport)
• Requires: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION (or AWS_PROFILE)

Key Capabilities

• Metrics: Query CloudWatch metrics for any AWS service (EC2, ELB, TGW, NAT GW, VPN)
• Alarms: List and inspect CloudWatch alarms and their states
• Logs: Run CloudWatch Logs Insights queries across any log group
• Flow Logs: Analyze VPC and TGW flow logs for traffic patterns and dropped connections

Workflow: Network Monitoring Dashboard

When a user asks "how is our AWS network performing?":

1. Check alarms: List CloudWatch alarms in ALARM state